tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream commit 

don't ignore PKCS#11 hosted keys that return empty
 CKA_ID; patch by Jakub Jelen via bz#2429; ok markus

Upstream-ID: 2f7c94744eb0342f8ee8bf97b2351d4e00116485
This commit is contained in:
djm@openbsd.org 2015-07-18 08:02:17 +00:00 committed by Damien Miller
parent b15fd989c8
commit 63ebcd0005
1 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
ssh-pkcs11.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-pkcs11.c,v 1.20 2015/07/18 08:00:21 djm Exp $ */ /* $OpenBSD: ssh-pkcs11.c,v 1.21 2015/07/18 08:02:17 djm Exp $ */
/* /*
* Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2010 Markus Friedl. All rights reserved.
* *
@ -481,15 +481,23 @@ pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx,
error("C_GetAttributeValue failed: %lu", rv); error("C_GetAttributeValue failed: %lu", rv);
continue; continue;
} }
/* check that none of the attributes are zero length */ /*
if (attribs[0].ulValueLen == 0 || * Allow CKA_ID (always first attribute) to be empty, but
attribs[1].ulValueLen == 0 || * ensure that none of the others are zero length.
* XXX assumes CKA_ID is always first.
*/
if (attribs[1].ulValueLen == 0 ||
attribs[2].ulValueLen == 0) { attribs[2].ulValueLen == 0) {
continue; continue;
} }
/* allocate buffers for attributes */ /* allocate buffers for attributes */
for (i = 0; i < 3; i++) for (i = 0; i < 3; i++) {
attribs[i].pValue = xmalloc(attribs[i].ulValueLen); if (attribs[i].ulValueLen > 0) {
attribs[i].pValue = xmalloc(
attribs[i].ulValueLen);
}
}
/* /*
* retrieve ID, modulus and public exponent of RSA key, * retrieve ID, modulus and public exponent of RSA key,
* or ID, subject and value for certificates. * or ID, subject and value for certificates.